You’re not kidding about file structure. I haven’t got a fucking clue how to do it with phones. Every thing is just “in here somewhere” and it’ll pray the search feature can find it when I eventually locate the file browser.
Due to circumstances, I’ve had to emulate more on phones. You very much can figure out the file structure so long at its Android (and 9 times out of 10 shit is just in the download folder). I swear my wife’s iPhone is a little black box, though.
You’re in a virtualized container that only exposes some directories, also those directories are mostly hidden from you, also within this container you generally don’t have any permissions to them, and also every application completely obfuscates it’s folder access via some file access API.
It’s crazy to me how hard consumers got fucked right from the start on phone software and how normalized we are to it.
I agree with you, though… it’s definitely good for the general population as a whole. Tech savvy peeps should have the option to…be, but most folks should not have root access.
The app store and permission model hasn’t stopped malicious code from making it onto users devices. So if security was the concern, I’d say that’s a failure. But I think the primary concern was control. Control by manufacturers (And eventually, thereby states) of what people see and do on their phone. Make sure they have to pay for access to features. Easily surveil what they do.
Your confusing different parts of the system here, and showing a lack of understanding of the security and privacy concepts involved.
Stopping malicious apps is not the point of the permissions model or of the file structure. It’s meant to restrict what malicious apps can do, not prevent them from being installed. It applies to side loaded apps just as much as ones from the play store. Malicious code ending up on users devices does not make that system a failure, as that was never the aim.
As for spying, the permissions model makes that harder as apps can’t just access all the files made by the other apps. These kinds of mechanisms also exist on desktop Linux via flatpak and snapcraft for similar reasons. Mandatory and discretionary access control is important for both security and privacy. The two are not at odds here, they are in fact very much aligned.
The app store part is separate and not at all what was being discussed. That is meant to stop malicious apps from getting onto devices. In the case of Apple this is definitely also about control, but android has always allowed third party apps and sideloading.
Google’s own services and Apple’s own services are part of the OS and potentially have access to things others don’t so can very much engage in spying. That could be said of any Android manufacturer with their own ROM. You can do whatever you want if you made the ROM, android permissions model be damned.
Sorry, I thought you were the kind of person who could handle a little casual disagreement. I don’t mind that you think security was the primary purpose of phone OS app land, and I definitely wouldn’t presume you arrived at that assessment from ignorance as you’re a stranger who I don’t know and that would be both foolish and needlessly insulting. But everything I’ve watched phone companies do over the past 20 years demonstrates to me that a desire for control was the main intent. You don’t have to agree, in fact I think it’s silly to spend all day debating it because it really is a subjective matter.
What makes you think I can’t handle disagreement? If If think someone is using shaky reasoning I am allowed to call them out, and use my actual knowledge on the subject to defend my point.
I am not saying google or apple have the best of intentions. They don’t and that’s why I use GrapheneOS.
Sandboxing is generally a good thing so long as it’s done in a transparent way that can be controlled by the user. Hence the popularity of flatpaks, AppArmor and why GrapheneOS has even stricter sandboxing options than stock android. Walled garden ecosystems aren’t good, and neither is spying. Apple is guilty of both of those, with google being guilty of the latter. You’re painting all of these distinct things with the same brush even though they are basically cross purposes to each other. Different mechanisms are made for different reasons. The current state of mobile is the result of more than one decision made with different aims in mind. I am not saying that security is the primary consideration for all of these, certainly telemetry wasn’t added for security reasons. Just that it’s not as simple as you want to think. Nuances exist.
This is not subjective either. Someone somewhere will know the actual reasons these decisions were made. Even though we don’t know the exact thought process behind them, we can still reason about what these mechanisms do and are useful for. Android itself is open source and these mechanisms are reviewed by other security researchers. You’re just saying that to get out of the leg work of actually understanding the nuts and bolts of this stuff and what is and isn’t supporting the end user.
Do yourself a favor and install a FOSS file manager system, if you can / its not too much trouble on your particular phone.
Basicslly every phone OS goes out of their way to make their particular file browsing app batcrap overcomplicated and unintuitive if you want to do anything other than exactly what they want you do do.
Which is usually sync everything on your phone to their cloud and your account.
I am running a sort of jerry rigged, half baked, de goodled android, … basically I have torn out, replaced or disabled everything I can without root, but left in play store and core g services so i can actually still use it for common apps… done the best I can to lock down everything to its bare minimim privelege set, never use a big ole shared account for anything, everything is a separate, old school email account.
I haven’t got a fucking clue how to do it with phones.
In a certain way, probably me neither. I use ls, df, md5sum, cp, mv, rsync, tar, gzip, gpg, vim, touch and mkdir in Termux (terminal emulator for Android). For example, say I am replacing MP3 for FLAC. I really like to keep the timestamps of when I added the specific song, but I can’t find any better way than touch -r oldfile.mp3 newfile.flac
But I also use FX File explorer for certain tasks, as it thankfully keeps timestamps. I absolutely hate how moving photos in Google Photos updates the modified timestamp to the date of when the file was moved. Why?
And I also have an ancient version of ES File explorer, version 4.0.2.3. Before it enshittified.
But I am not sure whatever that is installable from within the device, or it’s old enough to require adb install --bypass-low-target-sdk-block app.apk like some other old apps I use.
Anyway, I have no idea what’s going on with iPhones and files, or whether that’s a non-existent concept there.
You’re not kidding about file structure. I haven’t got a fucking clue how to do it with phones. Every thing is just “in here somewhere” and it’ll pray the search feature can find it when I eventually locate the file browser.
I miss my PC
Due to circumstances, I’ve had to emulate more on phones. You very much can figure out the file structure so long at its Android (and 9 times out of 10 shit is just in the download folder). I swear my wife’s iPhone is a little black box, though.
IIRC modern iOS ships with a file manager. The black box used to be even worse!
iPhone bitch here
Yeah we absolutely have a file manager!
And where might I find the files saved by an application?
“Files”
Most apps aren’t visible there on an iPad. When connected to a computer other folders are visible instead but I was never able to get all of them.
You’re in a virtualized container that only exposes some directories, also those directories are mostly hidden from you, also within this container you generally don’t have any permissions to them, and also every application completely obfuscates it’s folder access via some file access API.
It’s crazy to me how hard consumers got fucked right from the start on phone software and how normalized we are to it.
It’s mainly done for security reasons, but yes it is not the most friendly way of doing things.
I agree with you, though… it’s definitely good for the general population as a whole. Tech savvy peeps should have the option to…be, but most folks should not have root access.
If it was primarily done for security then it was a massive fucking failure. But I believe that security was a secondary concern.
What reason do you think? Also what makes you think it was a failure? Seems pretty successful to me.
The app store and permission model hasn’t stopped malicious code from making it onto users devices. So if security was the concern, I’d say that’s a failure. But I think the primary concern was control. Control by manufacturers (And eventually, thereby states) of what people see and do on their phone. Make sure they have to pay for access to features. Easily surveil what they do.
Security is very often the excuse for control.
Your confusing different parts of the system here, and showing a lack of understanding of the security and privacy concepts involved.
Stopping malicious apps is not the point of the permissions model or of the file structure. It’s meant to restrict what malicious apps can do, not prevent them from being installed. It applies to side loaded apps just as much as ones from the play store. Malicious code ending up on users devices does not make that system a failure, as that was never the aim.
As for spying, the permissions model makes that harder as apps can’t just access all the files made by the other apps. These kinds of mechanisms also exist on desktop Linux via flatpak and snapcraft for similar reasons. Mandatory and discretionary access control is important for both security and privacy. The two are not at odds here, they are in fact very much aligned.
The app store part is separate and not at all what was being discussed. That is meant to stop malicious apps from getting onto devices. In the case of Apple this is definitely also about control, but android has always allowed third party apps and sideloading.
Google’s own services and Apple’s own services are part of the OS and potentially have access to things others don’t so can very much engage in spying. That could be said of any Android manufacturer with their own ROM. You can do whatever you want if you made the ROM, android permissions model be damned.
Sorry, I thought you were the kind of person who could handle a little casual disagreement. I don’t mind that you think security was the primary purpose of phone OS app land, and I definitely wouldn’t presume you arrived at that assessment from ignorance as you’re a stranger who I don’t know and that would be both foolish and needlessly insulting. But everything I’ve watched phone companies do over the past 20 years demonstrates to me that a desire for control was the main intent. You don’t have to agree, in fact I think it’s silly to spend all day debating it because it really is a subjective matter.
What makes you think I can’t handle disagreement? If If think someone is using shaky reasoning I am allowed to call them out, and use my actual knowledge on the subject to defend my point.
I am not saying google or apple have the best of intentions. They don’t and that’s why I use GrapheneOS.
Sandboxing is generally a good thing so long as it’s done in a transparent way that can be controlled by the user. Hence the popularity of flatpaks, AppArmor and why GrapheneOS has even stricter sandboxing options than stock android. Walled garden ecosystems aren’t good, and neither is spying. Apple is guilty of both of those, with google being guilty of the latter. You’re painting all of these distinct things with the same brush even though they are basically cross purposes to each other. Different mechanisms are made for different reasons. The current state of mobile is the result of more than one decision made with different aims in mind. I am not saying that security is the primary consideration for all of these, certainly telemetry wasn’t added for security reasons. Just that it’s not as simple as you want to think. Nuances exist.
This is not subjective either. Someone somewhere will know the actual reasons these decisions were made. Even though we don’t know the exact thought process behind them, we can still reason about what these mechanisms do and are useful for. Android itself is open source and these mechanisms are reviewed by other security researchers. You’re just saying that to get out of the leg work of actually understanding the nuts and bolts of this stuff and what is and isn’t supporting the end user.
Do yourself a favor and install a FOSS file manager system, if you can / its not too much trouble on your particular phone.
Basicslly every phone OS goes out of their way to make their particular file browsing app batcrap overcomplicated and unintuitive if you want to do anything other than exactly what they want you do do.
Which is usually sync everything on your phone to their cloud and your account.
I am running a sort of jerry rigged, half baked, de goodled android, … basically I have torn out, replaced or disabled everything I can without root, but left in play store and core g services so i can actually still use it for common apps… done the best I can to lock down everything to its bare minimim privelege set, never use a big ole shared account for anything, everything is a separate, old school email account.
In a certain way, probably me neither. I use ls, df, md5sum, cp, mv, rsync, tar, gzip, gpg, vim, touch and mkdir in Termux (terminal emulator for Android). For example, say I am replacing MP3 for FLAC. I really like to keep the timestamps of when I added the specific song, but I can’t find any better way than
touch -r oldfile.mp3 newfile.flacBut I also use FX File explorer for certain tasks, as it thankfully keeps timestamps. I absolutely hate how moving photos in Google Photos updates the modified timestamp to the date of when the file was moved. Why?
And I also have an ancient version of ES File explorer, version 4.0.2.3. Before it enshittified.
But I am not sure whatever that is installable from within the device, or it’s old enough to require
adb install --bypass-low-target-sdk-block app.apklike some other old apps I use.Anyway, I have no idea what’s going on with iPhones and files, or whether that’s a non-existent concept there.